It can also be used with any other U2F enabled services, such as Google apps.
If you didn't note your backup codes when you first set up two-step verification, you can find them on dropbox.com: A security key is a small USB or Near Field Communication (NFC) device that you can carry on a keychain.
When completing two-step verification, inserting your security key into your computer authenticates you with and finishes signing you into your Dropbox account.
This step ensures that you have a backup method, in case a device doesn't support your security key.
Dropbox only supports using a security key when signing in to using the Chrome web browser.
Most importantly, security keys use authenticated communication to defend against phishing attacks, in which attackers set up a phony Dropbox login page in order to lure you into disclosing your private information.
Setting up a security key requires a one-time purchase of a USB key that follows an open standard called ‘FIDO Universal 2nd Factor (U2F).’ Once you have a security key, it can be enabled for both your personal and work Dropbox accounts.To enable this option: Use a mobile app Several mobile apps are available that will generate a unique time-sensitive security code you can use to finish signing in to your Dropbox account.Any app that supports the Time-based One-Time Password (TOTP) protocol should work, including: Most apps will generate security codes even when cellular/data service is not available - useful when traveling or where coverage is unreliable.Let me help demonstrate the problem; I’ll show you what happens when you reuse or create weak passwords based on some real world examples which should really hit home. I identified 90 of mine recently and there are many more I’ve simply forgotten about.I’ll also show you how to overcome these problems with a good password manager so it’s not all bad news, . There is absolutely no way, even with only 10 accounts, you can create passwords that are strong, unique and memorable. Let me answer this in a roundabout way by focussing on strong passwords; a strong password is one which has a high degree of what we call entropy, or in simple terms, one that is as long and as random (in terms of both character types and sequence), as possible.A security key doesn’t require a separate battery or network connection like when using SMS or a mobile app for two-step verification.